In a recent post for The Washington Post’s Monkey Cage blog, Henry Farrell interviewed cryptographer and computer scientist Bruce Schneier about his new book Click Here to Kill Everybody. Farrell focuses the interview on questions related to security risks associated with the increasing prevalence of internet-connected devices around the house (i.e., the Internet of Things), as well as the implications of those risks on politics and policy.
One exchange in particular focuses on government’s role in mitigating risks:
Henry Farrell: What should government do, and how does it need to change in order to do it?
Bruce Schneier: This is a complicated question and one that I spend most of my book trying to answer. I recommend a cocktail of different government interventions. I propose both explicit security rules and more flexible security standards. I propose liabilities when companies are negligent. I propose new laws, new legal interpretations of existing laws, and new actions by federal agencies. I see a role for international regulatory bodies and treaties, because many of the risks are fundamentally global.
The hard part is recognizing that the risks are great enough to require immediate action. My fear is that it will take a catastrophe — crashing all the cars, or shutting down all the power plants — to galvanize governments into action, and that they’ll react with something hastily put together and ill-considered. Our choice is not between longer government regulation or no government regulation; it’s between smart government regulation and stupid government regulation.